What 2017 means for cybersecurity

Written by 
Published in Features
  • font size decrease font size decrease font size increase font size increase font size
  • Print
  • Email

Peter Bauer, CEO and co-founder at  Mimecast

1. “The Rise of Cyber Gangs - The past year has been rampant with attacks, and it’s only going to get worse. Not just in the number of attacks, but the sophistication. Attackers have been getting smarter, their data gathering techniques more sophisticated, and they’re becoming more organised. In 2017, we’ll likely see growing groups of attackers, as well as a network of shared information they’ve stolen. These groups will also likely clash, and we’ll see attackers going after each other as well as these virtual gangs grow, gain resources, and fight over territories in the digital landscape. As we all know everyone needs to protect against these threats, by taking a layered approach and ensure they have a proper cyber resilience strategy in place to combat these threats. But that can sometimes be out of reach for many organisations as they are always strapped for resources, budget and then management of said layers. Thus the massive shift of organisations moving to a cloud security strategy where you can get advanced security capabilities that would be out of reach to try and build on premise. 
 
2. “Ransomware Continues to Evolve yet don’t take your eye off other threats - Ransomware will explode to become one of the biggest threats, fuelled by smaller ‘opportunist’ attackers using off-the-shelf kits to deploy malware. This is an easy and cheap attack method that produces fruitful results. Few organisations have effective defences against this type of malware and now with bitcoins enabling the perpetrators to increase distance from their victims further, it has never been so easy to get away with it. In the coming year, we should also expect more crypto-lockers and evolving forms of ransomware that deny access to desktops, network drives and cloud services. And just as you focus your attention on ransomware issues you can’t be caught off guard by adversaries impersonating the CEO to transfer thousands of dollars to an offshore account or by basic phishing attacks that will cause employees to launch attacks on your organisation.  
 
3. “Focus on Data Mining - One theme that is still overlooked is that it’s not just about wire transfers. Attackers aren’t just focused on money, they’re focusing on data mining and will use the data they gather in more advanced attacks to gather important data to be either sold on the Dark Web, or used in future attacks.  (Remember the W-2 fraud uptick earlier this year? We’re heading into tax season, and can expect to see this again.)  While Wire Transfer fraud is, and will be an issue in the future, organisations need to also think about where else they’re susceptible and ensure they have the appropriate protective measures in place. Backups are essential, but the evolution of ransomware is staggering and organisations need to ensure their gateway, firewall, endpoint and other security solutions are consistently up-to-date.
 
4. “Cyber Espionage to Cause More Political Disruption - Nation states and their sponsored operatives will use cyber espionage more and more to cause political shifts, disruption, and to gain economic advantage. This will involve, but will not be limited to, email hacking and disclosure of other forms of intercepted private communications, disruption of and interference with critical national infrastructures (Stuxnet 2). 
 
5. “Reigning-in Data Residency and Governance – The impending GDPR will focus European organisations on improving their security and privacy programs significantly in 2017. And, at the same time increased state-sponsored attacks will lead to more stringent rules around data residency and governance, as well as state firewalls being considered to mitigate threats and allow regional business activity to continue. Advancements in managing internet traffic from different geographies may also become a focus as global trade landscape changes.
 
6. “Impersonation Attacks in the Spotlight - 2016 has been the year of ransomware and it’s no secret that social engineering attacks, like phishing, spear-phishing and domain spoofing have grown from being a nuisance to a huge problem. However, one of the lesser publicised problems is impersonation attacks. Whaling attacks can cost organisations millions in financial losses. In fact, according to the U.S. Federal Bureau of Investigation, whaling attacks led to more than $2.3 billion in losses over the last three years. We expect to see whaling attacks as the next “it” attack flooding the media. 
 
7. “Macro Malware Still in the Game – Once thought of as a thing of the past, macro malware has reared its ugly head into the ring of attack methods cybercriminals are using. While most organisations choose to block executable attachments at the gateway by default, they must still allow files, such Microsoft Office documents, to pass freely if employees are to be productive. Attackers exploit this by weaponising files in these common formats. According to our own research, we found that 50% of firms have seen email attacks that use macros in attachments increase over the last year. Why? Well it’s such a simple tactic with little proactive AV detection, and that’s why we’ll continue to see waves of Macro malware into next year and beyond. “
 

Full Name


Email Address


Bosch Corner

Extremely intelligent cameras for extremely testing conditions

Extremely intelligent cameras for extremely testing conditions

Nature is incredibly unpredictable. It only takes minutes for a wind to double in strength...

Full control

Full control

From evacuation to conferencing: Bosch supplies full security and communications solution to Krakow event center.

Bosch is bringing more intelligent viewing to your screens

Bosch is bringing more intelligent viewing to your screens

But for the latest Bosch AUTODOME IP moving cameras, a few seconds is all it...

Event News

Next Events

BSIA Spotlight

Achieving efficiency through integration

Achieving efficiency through integration

As an important method of securing a site by controlling, monitoring and restricting the movement...

Full stop

Full stop

Renewed focus on Hostile Vehicle Mitigation following vehicular attacks in London.

Industry experts elected to BSIA Section Chair positions

Industry experts elected to BSIA Section Chair positions

At the British Security Industry Association’s Annual General Meeting on Wednesday 12th July 2017, 24 industry...

IPSA Features

The Challenges with security in university accommodation

The Challenges with security in university accommodation

By Jane Farrell, FM Development Manager, Sodexo and Chairman International Professional Security association (IPSA)

Recognising the contribution of contract security

Recognising the contribution of contract security

Following on from recent terror attacks in the UK, there has been a lot of...

Debunking Cyber Security

Debunking Cyber Security

Over the last few years companies have started to realise that cyber security is a...

MEB Media Limited

13 Princess Street,

Maidstone,Kent

ME14 1UR

United Kingdom

http://www.mebmedia.co.uk/

 

Site Map

Monthly Newsletter Signup

Full Name


Email Address